Security News > 2021 > January > SolarWinds hackers had access to over 3,000 US DOJ email accounts
The US Department of Justice said that the attackers behind the SolarWinds supply chain attack have gained access to roughly 3% of the department's Office 365 email inboxes.
The Justice Department currently employs over 115,000 people [1, 2] which translates to around 3450 potentially breached mailboxes.
DoJ's Office of the Chief Information Officer detected malicious activity on December 24th, 2020, related to the SolarWinds hack that impacted several federal agencies and technology contractors.
"This activity involved access to the Department's Microsoft O365 email environment," DoJ Spokesman Marc Raimondi said in a statement published earlier today.
The OCIO blocked the method used by the attackers to gain access to the DOJ Office 365 email accounts after learning of this malicious activity.
This statement confirms a Microsoft report saying that the end goal of the SolarWinds supply chain compromise was to provide the attackers with access to the targets' cloud assets after deploying the Sunburst/Solorigate backdoor on their local networks.
News URL
Related news
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Treasury hackers also breached US foreign investments review office (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Hackers game out infowar against China with the US Navy (source)
- Subaru Starlink flaw let hackers hijack cars in US and Canada (source)
- Spain arrests suspected hacker of US and Spanish military agencies (source)
- Suspected NATO, UN, US Army hacker arrested in Spain (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)